On Wed, Nov 05, 2003 at 11:37:15AM +0100, Henrik Nordstrom wrote:
> On Wed, 5 Nov 2003, Payal Rathod wrote:
>
> > I have in squid,
> > http_port 192.168.10.100:3128
> >
> > But people in the office can browse the net using 192.168.10.100 and
> > port 0000 too.
> > Plus they can brose without giving a port number, but just the ip of
> > proxy.
>
> Most likely their clients are using port 3128 or port 80 when no port (or
> port 0) is specified in their proxy settings.
The problem is that they can browse alright, but the acls I have defined
do not work. e.g. I don't allow access to hotmail and yahoo but when
they remove the port, they are allowed to go to those sites.
Using iptables I have blocked their direct access to outgoing port , so
they are forced to use proxy. But they now don't give port no. and
browse freely.
> Have you installed any interception rules on the proxy server,
> intercepting port 80?
I don't understand exactly what you mean. But it is a simple squid
install. Only listening to port .
With warm regards,
-Payal
p.s. the browser are IE 5.x and 6.x
> Regards
> Henrik
>
--
For GNU/Linux Success Stories and Articles visit:
http://payal.staticky.com
Received on Wed Nov 05 2003 - 07:20:02 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:07 MST